# Copyright (C) 2012-2014 Zammad Foundation, http://zammad-foundation.org/

class Token < ActiveRecord::Base
  before_create           :generate_token

  belongs_to              :user

  def self.check( data )

    # fetch token
    token = Token.find_by( action: data[:action], name: data[:name] )
    return if !token

    # check if token is still valid
    if !token.persistent &&
       token.created_at < 1.day.ago

      # delete token
      token.delete
      token.save
      return
    end

    # return token if valid
    token.user
  end

  private

  def generate_token

    loop do
      self.name = SecureRandom.hex(20)

      break if !Token.exists?( name: name )
    end
  end
end